Introducing BitKey - A secure Bitcoin live USB/CD solution built with TKLDev

I'd like to announce a side project we've been working called BitKey. The idea was to see if we could use the TurnKey development tools to create a self-contained read-only CD/USB stick with everything you need to perform highly secure air-gapped Bitcoin transactions.

Background

Liraz and I usually have our hands full developing TurnKey, but we've been super enthusiastic fans of Bitcoin from early on. After going to our first local Bitcoin meetup we discovered the elephant in the room was that there was no easy way to perform Bitcoin transactions with adequate security and by that I mean that your wallet's private keys live on an air-gapped system physically disconnected from the Internet.

People who didn't know enough to be paranoid were making themselves easy targets to Bitcoin stealing malware, browser man-in-the-middle attacks and a whole zoo of attacks that were old school a decade ago, while the more cautious, security-minded folks seemed to be reinventing the wheel and coming up with various cruel and unusual ad-hoc solutions such as booting from a Live Ubuntu CD offline and pointing their browser at a copy of bitaddress to create a simple paper wallet.

We realized we could come up with something better, that we would want to use ourselves, and that others might be interested in as well.

How does BitKey relate to TurnKey?

Well, it does and it doesn't. Necessity is the mother of invention and BitKey started out life as just another itch which we happened to have the means (TKLDev) of scratching. Since it doesn't fit the mold we're not sure yet whether it makes sense for this to be an official part of TurnKey or its own thing.

For now, BitKey is a side project that leverages TurnKey's open source build infrastructure - but we thought that its existence and its usage of TKLDev might make for an interesting post.

The project has its own website: bitkey.io. You can find the source on GitHub. Check it out and tell us what you think.

Update Jul 22 2014: A discussion on Reddit prompted me to write a blog post explaining how to use BitKey to perform secure Bitcoin transactions without needing to trust BitKey not to be compromised:

Hi,
BitKey uses a USB drive to store the encrypted wallet. USB drives tend to die: How can I protect myself from this? Can I just "clone" the USB drive, since it is encrypted? What would be the recommended method to do this?

Yes USBs can die, so having a backup is a really good idea. TBH, I'm not closely involved with the BitKey development so I'm not totally up to speed, but I do know that some have been working on including printer drivers so that users can print out a paper wallet as a backup.

But yes you can just "clone" the USB stick. I'm a Linux commandline user so I'd just use dd to copy from one USB to another, and/or to a file. Mac OSX has dd too I think? If you are on Windows, I just did a quick google and found a SuperUser Q&A which has some good sounds suggestions. I recall using Rufus years ago (when I was a Windows user) and it was quite good. According to one of the answers, you can choose 'DD Image' for 'Create bootable disk using' [your USB].